From: Luís Miguel Silva (lms_at_ispgaya.pt)
Date: Mon 22 Dec 2003 - 20:35:36 GMT
Hello all,
I know the do_brk vulnerability is “a thing of the past” but, I just tried
out the exploit on one of my vservers just to see what happened.
lms_at_mail:~$ id
uid=1009(lms) gid=100(users) groups=100(users)
lms_at_mail:~$ ./kernel
[-] Unable to change page protection: Cannot allocate memory
[-] Unable to exit, entering neverending loop.
[1]+ Stopped ./kernel
lms_at_mail:~$ uname -a
Linux mail.whocares.org 2.4.21-ctx17 #1 SMP Tue Sep 16 15:04:08 WEST 2003
i686 GNU/Linux
lms_at_mail:~$
And now for a developer question: is a local kernel root exploit able to
break the vserver environment?
If a normal user was to successfully exploit a vserver with a local exploit
would he:
a) be root on the vserver?
b) Be root on the root server?
c) None of the above. Aliens would invade earth and it would rain
chocolate candy…heh
Best,
+-------------------------------------------
| Luís Miguel Silva
| Network Administrator@ ISPGaya.pt
| Rua António Rodrigues da Rocha, 291/341
| Sto. Ovídio • 4400-025 V. N. de Gaia
| Portugal
| T: +351 22 3745730/3/5 F: +351 22 3745738
| G: +351 93 6371253 E: lms_at_ispgaya.pt
+-------------------------------------------
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver